There have been several recent cases that deal with the authentication of social networking evidence. The Connecticut Court of Appeals recently tackled the issue of whether Facebook messages were properly authenticated. Despite the proffer of circumstantial evidence which tended to show that the messages were authored by the person in question, the court holds that the messages were insufficiently authenticated and therefore properly excluded.

The defendant was charged for assault over an incident at a party. Simone Judway, one of the State’s witnesses testified that she talked to the defendant prior to the altercation, and the defendant told her that “if anyone messes with me tonight, I am going to stab them.” The defendant sought to impeach Judway’s credibility and asked if she had spoken with the defendant following the incident. She said no. The defendant sought to undermine her credibility by showing that she had exchanged Facebook messages with the defendant.

The defendant introduced printouts from his Facebook page which contained messages purportedly from Judway. He also testified that he recognized Judway’s Facebook user name (Simone Danielle) as Judway’s and that Judway had added him as a Facebook friend shortly before the exchange of messages. Although Judway contested the defendant’s claim that she authored the messages, she did not contest that the messages were sent through her Facebook account. She relied vaguely on the fact that her account may have been hacked:

While admitting that the messages were sent from her Facebook account, she simultaneously denied their authorship. She also suggested the she could not have authored the messages because the account had been ‘hacked.’

The court notes that the existing rules are sufficient to deal with evidentiary issues raised by social networking evidence:

[w]e see no justification for constructing unique rules for admissibility of electronic communications such as instant messages; they are to be evaluated on a case-by-case basis as any other document to determine whether or not there has been an adequate foundational showing of their relevance and authenticity.

The court also went on to say that circumstantial authentication of these types of messages may be appropriate. Nevertheless, the court held that it was proper for the trial court to exclude the evidence. Strangely enough, the court is skeptical of the argument that the messages were not sufficiently authenticated because the account may have been hacked, but still says that it was up to the defendant to put forth additional evidence to rebut this argument:

Although this suggestion is dubious under the particular facts at hand, given that the messages were sent before the alleged hacking of the account took place, Judway’s testimony highlights the general lack of security of the medium and raises an issue as to whether a third party may have sent the messages via Judway’s account. Consequently, we agree with the trial court that the fact that Judway held and managed the account did not provide a sufficient foundation for admitting the printout, and it was incumbent on the defendant . . . to advance other foundational proof to authenticate that the proffered messages did, in fact, come from Judway and not simply from her Facebook account.

I blogged about a Maryland case where the Maryland Supreme Court rejected circumstantial authentication of MySpace evidence (“Maryland Supreme Court Rejects “Circumstantial Authentication” Standard for MySpace Evidence“). Although the court in this case pays lip service to circumstantial authentication, it looks like the court has similar skepticism towards the authenticity of this type of evidence. It was fairly surprising that the court bought the argument that the account may have been hacked, and did not rule that this was a credibility issue for the factfinder. Perhaps this is a testament to how widespread Facebook account hacks are perceived to be.